CVE-2024-11194

{"id": "CVE-2024-11194", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "security@wordfence.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2024-11-19T12:15:16.497", "references": [{"url": "https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.1.12/app/Controllers/Ajax/Import.php#L309", "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/browser/classified-listing/tags/3.1.12/app/Controllers/Ajax/Import.php#L473", "source": "security@wordfence.com"}, {"url": "https://plugins.trac.wordpress.org/changeset/3189516/", "source": "security@wordfence.com"}, {"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/13d9a59f-1a1a-4936-a5ab-8a5e0c50303b?source=cve", "source": "security@wordfence.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "security@wordfence.com", "description": [{"lang": "en", "value": "CWE-862"}]}], "descriptions": [{"lang": "en", "value": "The Classified Listing \u2013 Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a misconfigured check on the 'rtcl_import_settings' function in all versions up to, and including, 3.1.15.1. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update limited arbitrary options on the WordPress site. This can be leveraged to update the Subscriber role with Administrator-level capabilities to gain administrative user access to a vulnerable site. The vulnerability is limited in that the option updated must have a value that is an array."}, {"lang": "es", "value": "El complemento Classified Listing \u2013 Classified ads & Business Directory Plugin para WordPress es vulnerable a la modificaci\u00f3n no autorizada de datos que puede provocar una escalada de privilegios debido a una verificaci\u00f3n mal configurada en la funci\u00f3n 'rtcl_import_settings' en todas las versiones hasta la 3.1.15.1 incluida. Esto permite que atacantes autenticados, con acceso de nivel de suscriptor y superior, actualicen opciones arbitrarias limitadas en el sitio de WordPress. Esto se puede aprovechar para actualizar el rol de suscriptor con capacidades de nivel de administrador para obtener acceso de usuario administrativo a un sitio vulnerable. La vulnerabilidad es limitada en el sentido de que la opci\u00f3n actualizada debe tener un valor que sea una matriz."}], "lastModified": "2024-11-19T21:57:32.967", "sourceIdentifier": "security@wordfence.com"}